[ubuntu/jammy-proposed] linux-hwe-6.8 6.8.0-110.110~22.04.1 (Accepted)
Andy Whitcroft
apw at canonical.com
Mon Mar 30 07:04:03 UTC 2026
linux-hwe-6.8 (6.8.0-110.110~22.04.1) jammy; urgency=medium
* jammy/linux-hwe-6.8: 6.8.0-110.110~22.04.1 -proposed tracker (LP: #2143476)
[ Ubuntu: 6.8.0-110.110 ]
* noble/linux: 6.8.0-110.110 -proposed tracker (LP: #2144887)
* ITS mitigation is not enabled on affected CPUs (LP: #2144730)
- x86/bugs: Rename CONFIG_RETPOLINE => CONFIG_MITIGATION_RETPOLINE
- x86/bugs: Rename CONFIG_RETHUNK => CONFIG_MITIGATION_RETHUNK
- [Config] rename config options RETHUNK and RETPOLINE
[ Ubuntu: 6.8.0-108.108 ]
* noble/linux: 6.8.0-108.108 -proposed tracker (LP: #2143478)
* linux-riscv-6.8 is FTBFS because of missing patches (LP: #2142235)
- riscv, bpf: Unify 32-bit sign-extension to emit_sextw
- riscv, bpf: Unify 32-bit zero-extension to emit_zextw
- riscv, bpf: Simplify sext and zext logics in branch instructions
- riscv, bpf: Add necessary Zbb instructions
- riscv, bpf: Optimize sign-extention mov insns with Zbb support
- riscv, bpf: Optimize bswap insns with Zbb support
* ADT test for linux package failed with "fatal: unable to connect to
git.launchpad.net" (LP: #2143033)
- [Packaging] d/t/ubuntu-regression-suite: use https to clone
* Coresight fails to build on 6.8.0-102 due to missing function and arg
definitions (LP: #2142337)
- SAUCE: Revert "coresight: catu: Support atclk"
- SAUCE: Revert "coresight: catu: Move ACPI support from AMBA driver to
platform driver"
- SAUCE: Revert "coresight: tmc: Support atclk"
- SAUCE: Revert "coresight: tmc: Move ACPI support from AMBA driver to
platform driver"
- SAUCE: Revert "Coresight: Set correct cs_mode for TPDM to fix disable
issue"
- SAUCE: Revert "Coresight: Set correct cs_mode for dummy source to fix
disable issue"
* efi: Fix swapped arguments to bsearch() in efi_status_to_*() SAUCE patch
(LP: #2141276)
- SAUCE efi: Fix swapped arguments to bsearch() in efi_status_to_*()
* Fix conntrack use after free when ovs hardware offload is enabled
(LP: #2139322)
- netfilter: conntrack: remove skb argument from nf_ct_refresh
- netfilter: conntrack: rework offload nf_conn timeout extension logic
- netfilter: conntrack: fix erronous removal of offload bit
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789)
- xhci: fix stale flag preventig URBs after link state error is cleared
- Revert "xfrm: destroy xfrm_state synchronously on net exit path"
- xfrm: flush all states in xfrm_state_fini
- leds: spi-byte: Use devm_led_classdev_register_ext()
- Documentation: process: Also mention Sasha Levin as stable tree
maintainer
- USB: serial: option: add Foxconn T99W760
- USB: serial: option: add Telit Cinterion FE910C04 new compositions
- USB: serial: option: move Telit 0x10c7 composition in the right place
- USB: serial: ftdi_sio: match on interface number for jtag
- serial: add support of CPCI cards
- USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC
- USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC
- ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct()
- spi: xilinx: increase number of retries before declaring stall
- spi: imx: keep dma request disabled before dma transfer setup
- drm/vmwgfx: Use kref in vmw_bo_dirty
- Bluetooth: btrtl: Avoid loading the config file on security chips
- smb: fix invalid username check in smb3_fs_context_parse_param()
- ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series
- HID: hid-input: Extend Elan ignore battery quirk to USB
- pinctrl: qcom: msm: Fix deadlock in pinmux configuration
- platform/x86: acer-wmi: Ignore backlight event
- HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list
- platform/x86: huawei-wmi: add keys for HONOR models
- platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list
- platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally
- HID: elecom: Add support for ELECOM M-XT3URBK (018F)
- LoongArch: Mask all interrupts during kexec/kdump
- samples: work around glibc redefining some of our defines wrong
- wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1
- drm/panel: visionox-rm69299: Don't clear all mode flags
- USB: Fix descriptor count when handling invalid MBIM extended descriptor
- clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback
- clk: renesas: Use str_on_off() helper
- clk: renesas: Pass sub struct of cpg_mssr_priv to cpg_clk_register
- clk: renesas: cpg-mssr: Read back reset registers to assure values
latched
- HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync()
- objtool: Fix standalone --hacks=jump_label
- objtool: Fix weak symbol detection
- sched/fair: Forfeit vruntime on yield
- irqchip/irq-bcm7038-l1: Fix section mismatch
- irqchip/irq-bcm7120-l2: Fix section mismatch
- irqchip/irq-brcmstb-l2: Fix section mismatch
- irqchip/imx-mu-msi: Fix section mismatch
- irqchip/qcom-irq-combiner: Fix section mismatch
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller
- rculist: Add hlist_nulls_replace_rcu() and
hlist_nulls_replace_init_rcu()
- inet: Avoid ehash lookup race in inet_ehash_insert()
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member
- arm64: dts: freescale: imx8mp-venice-gw7905-2x: remove duplicate usdhc1
props
- arm64: dts: imx8mm-venice-gw72xx: remove unused sdhc1 pinctrl
- arm64: dts: imx8mp-venice-gw702x: remove off-board uart
- arm64: dts: imx8mp-venice-gw702x: remove off-board sdhc1
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2
- uio: uio_fsl_elbc_gpcm:: Add null pointer check to
uio_fsl_elbc_gpcm_probe
- clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to
other
- clk: qcom: camcc-sm6350: Fix PLL config of PLL2
- crypto: hisilicon/qm - restore original qos values
- s390/smp: Fix fallback CPU detection
- s390/ap: Don't leak debug feature files if AP instructions are not
available
- arm64: dts: ti: k3-am62p: Fix memory ranges for GPU
- firmware: imx: scu-irq: fix OF node leak in
- arm64: dts: qcom: sdm845-oneplus: Correct gpio used for slider
- phy: mscc: Fix PTP for VSC8574 and VSC8572
- sctp: Defer SCTP_DBG_OBJCNT_DEC() to sctp_destroy_sock().
- ARM: dts: renesas: gose: Remove superfluous port property
- ARM: dts: renesas: r9a06g032-rzn1d400-db: Drop invalid #cells properties
- Revert "mtd: rawnand: marvell: fix layouts"
- mtd: nand: relax ECC parameter validation check
- mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and
remove
- task_work: Fix NMI race condition
- x86/dumpstack: Prevent KASAN false positive warnings in __show_regs()
- tools/nolibc/stdio: let perror work when NOLIBC_IGNORE_ERRNO is set
- soc: qcom: smem: fix hwspinlock resource leak in probe error paths
- pinctrl: stm32: fix hwspinlock resource leak in probe function
- i3c: fix refcount inconsistency in i3c_master_register
- i3c: master: svc: Prevent incomplete IBI transaction
- interconnect: qcom: msm8996: add missing link to SLAVE_USB_HS
- arm64: dts: qcom: msm8996: add interconnect paths to USB2 controller
- interconnect: debugfs: Fix incorrect error handling for NULL path
- perf lock contention: Load kernel map before lookup
- perf record: skip synthesize event when open evsel failed
- power: supply: cw2015: Check devm_delayed_work_autocancel() return code
- power: supply: rt9467: Return error on failure in
rt9467_set_value_from_ranges()
- power: supply: rt9467: Prevent using uninitialized local variable in
rt9467_set_value_from_ranges()
- power: supply: wm831x: Check wm831x_set_bits() return value
- power: supply: apm_power: only unset own apm_get_power_status
- scsi: target: Do not write NUL characters into ASCII configfs output
- fs/9p: Don't open remote file with APPEND mode when writeback cache is
used
- ARM: dts: am335x-netcom-plus-2xx: add missing GPIO labels
- ARM: dts: omap3: beagle-xm: Correct obsolete TWL4030 power compatible
- ARM: dts: omap3: n900: Correct obsolete TWL4030 power compatible
- x86/boot: Fix page table access in 5-level to 4-level paging transition
- efi/libstub: Fix page table access in 5-level to 4-level paging
transition
- mfd: da9055: Fix missing regmap_del_irq_chip() in error path
- ext4: correct the checking of quota files before moving extents
- perf/x86/intel: Correct large PEBS flag check
- regulator: core: disable supply if enabling main regulator fails
- scsi: stex: Fix reboot_notifier leak in probe error path
- staging: most: i2c: Drop explicit initialization of struct
i2c_device_id::driver_data to 0
- [Config] remove MOST_I2C driver
- dt-bindings: PCI: amlogic: Fix the register name of the DBI region
- RDMA/rtrs: server: Fix error handling in get_or_create_srv
- ARM: dts: stm32: stm32mp157c-phycore: Fix STMPE811 touchscreen node
properties
- ntfs3: init run lock for extend inode
- scsi: ufs: core: fix incorrect buffer duplication in
ufshcd_read_string_desc()
- cpufreq/amd-pstate: Call cppc_set_auto_sel() only for online CPUs
- powerpc/32: Fix unpaired stwcx. on interrupt exit
- wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper()
- coresight: etm4x: Correct polling IDLE bit
- coresight: etm4x: Extract the trace unit controlling
- coresight: etm4x: Add context synchronization before enabling trace
- clk: renesas: r9a06g032: Fix memory leak in error path
- lib/vsprintf: Check pointer before dereferencing in time_and_date()
- ACPI: property: Fix fwnode refcount leak in
acpi_fwnode_graph_parse_endpoint()
- scsi: sim710: Fix resource leak by adding missing ioport_unmap() calls
- leds: netxbig: Fix GPIO descriptor leak in error paths
- PCI: keystone: Exit ks_pcie_probe() for invalid mode
- arm64: dts: rockchip: Move the EEPROM to correct I2C bus on Radxa ROCK
5A
- arm64: dts: rockchip: Add eeprom vcc-supply for Radxa ROCK 5A
- ps3disk: use memcpy_{from,to}_bvec index
- bpf: Handle return value of ftrace_set_filter_ip in register_fentry
- selftests/bpf: Fix failure paths in send_signal test
- watchdog: wdat_wdt: Fix ACPI table leak in probe function
- watchdog: starfive: Fix resource leak in probe error path
- tracefs: fix a leak in eventfs_create_events_dir()
- NFSD/blocklayout: Fix minlength check in proc_layoutget
- drm/msm/a2xx: stop over-complaining about the legacy firmware
- bpf: Improve program stats run-time calculation
- powerpc/64s/hash: Restrict stress_hpt_struct memblock region to within
RMA limit
- powerpc/64s/ptdump: Fix kernel_hash_pagetable dump for ISA v3.00 HPTE
format
- fs/ntfs3: out1 also needs to put mi
- fs/ntfs3: Prevent memory leaks in add sub record
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue
- net/ipv6: Remove expired routes with a separated list of routes.
- ipv6: clear RA flags when adding a static route
- perf arm-spe: Extend branch operations
- perf arm_spe: Fix memset subclass in operation
- pwm: bcm2835: Make sure the channel is enabled after pwm_request()
- wifi: mac80211: fix CMAC functions not handling errors
- mfd: mt6397-irq: Fix missing irq_domain_remove() in error path
- mfd: mt6358-irq: Fix missing irq_domain_remove() in error path
- phy: renesas: rcar-gen3-usb2: Fix an error handling path in
rcar_gen3_phy_usb2_probe()
- net: phy: adin1100: Fix software power-down ready condition
- cpuset: Treat cpusets in attaching as populated
- usb: chaoskey: fix locking for O_NONBLOCK
- usb: dwc2: disable platform lowlevel hw resources during shutdown
- usb: dwc2: fix hang during shutdown if set as peripheral
- usb: dwc2: fix hang during suspend if set as peripheral
- usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE
- selftests/bpf: skip test_perf_branches_hw() on unsupported platforms
- selftests/bpf: Improve reliability of test_perf_branches_no_hw()
- crypto: ccree - Correctly handle return of sg_nents_for_len
- RISC-V: KVM: Fix guest page fault within HLV* instructions
- RDMA/bnxt_re: Fix the inline size for GenP7 devices
- firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc
- staging: fbtft: core: fix potential memory leak in fbtft_probe_common()
- btrfs: fix leaf leak in an error path in btrfs_del_items()
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition
- drm/nouveau: restrict the flush page to a 32-bit address
- iomap: factor out a iomap_dio_done helper
- iomap: always run error completions in user context
- wifi: ieee80211: correct FILS status codes
- backlight: lp855x: Fix lp855x.h kernel-doc warnings
- iommu/arm-smmu-qcom: Enable use of all SMR groups when running bare-
metal
- RDMA/irdma: Fix data race in irdma_sc_ccq_arm
- RDMA/irdma: Fix data race in irdma_free_pble
- RDMA/irdma: Do not directly rely on IB_PD_UNSAFE_GLOBAL_RKEY
- ASoC: fsl_xcvr: clear the channel status control memory
- drm/amd/display: Fix logical vs bitwise bug in
get_embedded_panel_info_v2_1()
- hwmon: sy7636a: Fix regulator_enable resource leak on error path
- ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4
- ublk: prevent invalid access with DEBUG
- ext4: improve integrity checking in __mb_check_buddy by enhancing
order-0 validation
- virtio_vdpa: fix misleading return in void function
- virtio: fix typo in virtio_device_ready() comment
- virtio: fix whitespace in virtio_config_ops
- virtio: fix virtqueue_set_affinity() docs
- vdpa/pds: use %pe for ERR_PTR() in event handler registration
- ASoC: Intel: catpt: Fix error path in hw_params()
- ARM: dts: samsung: universal_c210: turn off SDIO WLAN chip during system
suspend
- ARM: dts: samsung: exynos4210-i9100: turn off SDIO WLAN chip during
system suspend
- ARM: dts: samsung: exynos4210-trats: turn off SDIO WLAN chip during
system suspend
- ARM: dts: samsung: exynos4412-midas: turn off SDIO WLAN chip during
system suspend
- resource: replace open coded resource_intersection()
- resource: introduce is_type_match() helper and use it
- Reinstate "resource: avoid unnecessary lookups in find_next_iomem_res()"
- netfilter: flowtable: check for maximum number of encapsulations in
bridge vlan
- netfilter: nf_conncount: rework API to use sk_buff directly
- netfilter: nft_connlimit: update the count if add was skipped
- net: stmmac: fix rx limit check in stmmac_rx_zc()
- mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors
- selftests: bonding: add ipvlan over bond testing
- selftests: bonding: add delay before each xvlan_over_bond connectivity
check
- mtd: lpddr_cmds: fix signed shifts in lpddr_cmds
- remoteproc: qcom_q6v5_wcss: fix parsing of qcom,halt-regs
- md/raid5: fix IO hang when array is broken with IO inflight
- clk: keystone: fix compile testing
- perf tools: Fix split kallsyms DSO counting
- pinctrl: single: Fix PIN_CONFIG_BIAS_DISABLE handling
- pinctrl: single: Fix incorrect type for error return variable
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe()
- 9p: fix cache/debug options printing in v9fs_show_options
- NFS: Avoid changing nlink when file removes and attribute updates race
- fs/nls: Fix utf16 to utf8 conversion
- NFS: Initialise verifiers for visible dentries in readdir and lookup
- NFS: Initialise verifiers for visible dentries in nfs_atomic_open()
- Revert "nfs: ignore SB_RDONLY when remounting nfs"
- Revert "nfs: clear SB_RDONLY before getting superblock"
- Revert "nfs: ignore SB_RDONLY when mounting nfs"
- Expand the type of nfs_fattr->valid
- NFS: Fix inheritance of the block sizes when automounting
- fs/nls: Fix inconsistency between utf8_to_utf32() and utf32_to_utf8()
- platform/x86: asus-wmi: use brightness_set_blocking() for kbd led
- ASoC: bcm: bcm63xx-pcm-whistler: Check return value of
of_dma_configure()
- ASoC: ak4458: Disable regulator when error happens
- ASoC: ak5558: Disable regulator when error happens
- blk-mq: Abort suspend when wakeup events are pending
- block: fix comment for op_is_zone_mgmt() to include RESET_ALL
- nvme-auth: use kvfree() for memory allocated with kvcalloc()
- dma/pool: eliminate alloc_pages warning in atomic_pool_expand
- ALSA: uapi: Fix typo in asound.h comment
- rtc: gamecube: Check the return value of ioremap()
- ARM: 9464/1: fix input-only operand modification in
load_unaligned_zeropad()
- dm-raid: fix possible NULL dereference with undefined raid type
- dm log-writes: Add missing set_freezable() for freezable kthread
- efi/cper: Add a new helper function to print bitmasks
- efi/cper: Adjust infopfx size to accept an extra space
- efi/cper: align ARM CPER type with UEFI 2.9A/2.10 specs
- ocfs2: fix memory leak in ocfs2_merge_rec_left()
- LoongArch: Add machine_kexec_mask_interrupts() implementation
- net: lan743x: Allocate rings outside ZONE_DMA
- usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt
- usb: phy: Initialize struct usb_phy list_head
- ipv6: add exception routes to GC list in rt6_insert_exception
- btrfs: do not skip logging new dentries when logging a new name
- btrfs: fix a potential path leak in print_data_reloc_error()
- bpf, arm64: Do not audit capability check in do_jit()
- btrfs: fix memory leak of fs_devices in degraded seed device path
- iomap: account for unaligned end offsets when truncating read range
- sched/fair: Revert max_newidle_lb_cost bump
- x86/ptrace: Always inline trivial accessors
- ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint()
only
- cpufreq: dt-platdev: Add JH7110S SOC to the allowlist
- cpufreq: s5pv210: fix refcount leak
- cpuidle: menu: Use residency threshold in polling state override
decisions
- livepatch: Match old_sympos 0 and 1 in klp_find_func()
- fs/ntfs3: Support timestamps prior to epoch
- kbuild: Use objtree for module signing key path
- hfsplus: fix volume corruption issue for generic/070
- hfsplus: fix volume corruption issue for generic/073
- wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet
- btrfs: scrub: always update btrfs_scrub_progress::last_physical
- gfs2: fix remote evict for read-only filesystems
- smb/server: fix return value of smb2_ioctl()
- ksmbd: use rwsem instead of rwlock for lease break
- Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV
- Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE
- net: fec: ERR007885 Workaround for XDP TX path
- ipvlan: Ignore PACKET_LOOPBACK in handle_mode_l2()
- mlxsw: spectrum_router: Fix possible neighbour reference count leak
- broadcom: b44: prevent uninitialized value usage
- netfilter: nf_conncount: fix leaked ct in error paths
- nfc: pn533: Fix error code in pn533_acr122_poweron_rdr()
- netfilter: nf_tables: pass context structure to nft_parse_register_load
- netfilter: nf_tables: allow loads only when register is initialized
- netfilter: nf_tables: remove redundant chain validation on register
store
- net/mlx5: fw reset, clear reset requested on drain_fw_reset
- net/mlx5: Drain firmware reset in shutdown callback
- net/mlx5: fw_tracer, Handle escaped percent properly
- net/mlx5: Skip HotPlug check on sync reset using hot reset
- net/mlx5: Serialize firmware reset with devlink
- net: enetc: do not transmit redirected XDP frames when the link is down
- net: hns3: using the num_tqps to check whether tqp_index is out of range
when vf get ring info from mbx
- hwmon: (tmp401) fix overflow caused by default conversion rate value
- MIPS: Fix a reference leak bug in ip22_check_gio()
- drm/panel: sony-td4353-jdi: Enable prepare_prev_first
- x86/xen: Move Xen upcall handler
- x86/xen: Fix sparse warning in enlighten_pv.c
- spi: cadence-quadspi: Fix clock disable on probe failure path
- block: rnbd-clt: Fix leaked ID in init_dev()
- HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen
- Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk
table
- can: gs_usb: gs_can_open(): fix error handling
- ACPI: PCC: Fix race condition by removing static qualifier
- ACPI: CPPC: Fix missing PCC check for guaranteed_perf
- mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig
- dt-bindings: mmc: sdhci-of-aspeed: Switch ref to sdhci-common.yaml
- ALSA: vxpocket: Fix resource leak in vxpocket_probe error path
- ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path
- ipmi: Fix the race between __scan_channels() and deliver_response()
- ipmi: Fix __scan_channels() failing to rescan channels
- firmware: imx: scu-irq: Init workqueue before request mbox channel
- ti-sysc: allow OMAP2 and OMAP4 timers to be reserved on AM33xx
- clk: mvebu: cp110 add CLK_IGNORE_UNUSED to pcie_x10, pcie_x11 & pcie_x4
- powerpc/addnote: Fix overflow on 32-bit builds
- scsi: qla2xxx: Fix lost interrupts with qlini_mode=disabled
- scsi: qla2xxx: Fix initiator mode with qlini_mode=exclusive
- scsi: qla2xxx: Use reinit_completion on mbx_intr_comp
- fuse: Always flush the page cache before FOPEN_DIRECT_IO write
- fuse: Invalidate the page cache after FOPEN_DIRECT_IO write
- reset: fix BIT macro reference
- exfat: fix remount failure in different process environments
- usbip: Fix locking bug in RT-enabled kernels
- iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains
- usb: xhci: limit run_graceperiod for only usb 3.0 devices
- usb: usb-storage: No additional quirks need to be added to the EL-R12
optical drive.
- serial: sprd: Return -EPROBE_DEFER when uart clock is not ready
- libperf cpumap: Fix perf_cpu_map__max for an empty/NULL map
- i2c: designware: Disable SMBus interrupts to prevent storms from mis-
configured firmware
- nvme-fc: don't hold rport lock when putting ctrl
- platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI
quirks
- block: rnbd-clt: Fix signedness bug in init_dev()
- vhost/vsock: improve RCU read sections around vhost_vsock_get()
- mmc: sdhci-msm: Avoid early clock doubling during HS400 transition
- lib/crypto: x86/blake2s: Fix 32-bit arg treated as 64-bit
- s390/dasd: Fix gendisk parent after copy pair swap
- block: rate-limit capacity change info log
- floppy: fix for PAGE_SIZE != 4KB
- kallsyms: Fix wrong "big" kernel symbol type read from procfs
- fs/ntfs3: fix mount failure for sparse runs in run_unpack()
- ktest.pl: Fix uninitialized var in config-bisect.pl
- ext4: clear i_state_flags when alloc inode
- ext4: fix incorrect group number assertion in mb_check_buddy
- ext4: align max orphan file size with e2fsprogs limit
- jbd2: use a per-journal lock_class_key for jbd2_trans_commit_key
- jbd2: use a weaker annotation in journal handling
- media: v4l2-mem2mem: Fix outdated documentation
- mptcp: schedule rtx timer only after pushing data
- usb: usb-storage: Maintain minimal modifications to the bcdDevice range.
- media: pvrusb2: Fix incorrect variable used in trace message
- phy: broadcom: bcm63xx-usbh: fix section mismatches
- USB: lpc32xx_udc: Fix error handling in probe
- usb: phy: isp1301: fix non-OF device reference imbalance
- usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe
- usb: dwc3: keep susphy enabled during exit to avoid controller faults
- usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc()
- intel_th: Fix error handling in intel_th_output_open
- cpuidle: governors: teo: Drop misguided target residency check
- cpufreq: nforce2: fix reference count leak in nforce2
- NFSD: use correct reservation type in nfsd4_scsi_fence_client
- f2fs: fix age extent cache insertion skip on counter overflow
- tools/testing/nvdimm: Use per-DIMM device handle
- KVM: x86: Don't clear async #PF queue when CR0.PG is disabled (e.g. on
#SMI)
- KVM: x86: WARN if hrtimer callback for periodic APIC timer fires with
period=0
- KVM: x86: Explicitly set new periodic hrtimer expiration in
apic_timer_fn()
- KVM: nSVM: Avoid incorrect injection of SVM_EXIT_CR0_SEL_WRITE
- KVM: SVM: Mark VMCB_NPT as dirty on nested VMRUN
- KVM: nSVM: Propagate SVM_EXIT_CR0_SEL_WRITE correctly for LMSW emulation
- KVM: SVM: Mark VMCB_PERM_MAP as dirty on nested VMRUN
- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed
VMRUN)
- KVM: nSVM: Clear exit_code_hi in VMCB when synthesizing nested VM-Exits
- xfs: fix a memory leak in xfs_buf_item_init()
- PM: runtime: Do not clear needs_force_resume with enabled runtime PM
- r8169: fix RTL8117 Wake-on-Lan in DASH mode
- nfsd: Mark variable __maybe_unused to avoid W=1 build break
- svcrdma: return 0 on success from svc_rdma_copy_inline_range
- s390/ipl: Clear SBP flag when bootprog is set
- gpio: regmap: Fix memleak in error path in gpio_regmap_register()
- drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state()
- selftests: openvswitch: Fix escape chars in regexp.
- crypto: caam - Add check for kcalloc() in test_len()
- amba: tegra-ahb: Fix device leak on SMMU enable
- tracing: Fix fixed array of synthetic event
- soc: qcom: ocmem: fix device leak on lookup
- soc: amlogic: canvas: fix device leak on lookup
- rpmsg: glink: fix rpmsg device leak
- platform/x86: intel: chtwc_int33fe: don't dereference swnode args
- i2c: amd-mp2: fix reference leak in MP2 PCI device
- hwmon: (max16065) Use local variable to avoid TOCTOU
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU
- ARM: dts: microchip: sama5d2: fix spi flexcom fifo size to 32
- wifi: rtw88: limit indirect IO under powered off for RTL8822CS
- wifi: cfg80211: sme: store capped length in __cfg80211_connect_result()
- wifi: mac80211: do not use old MBSSID elements
- i40e: fix scheduling in set_rx_mode
- net: mdio: aspeed: add dummy read to avoid read-after-write issue
- net: openvswitch: Avoid needlessly taking the RTNL on vport destroy
- platform/x86: msi-laptop: add missing sysfs_remove_group()
- platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic
- amd-xgbe: reset retries and mode on RX adapt failures
- Revert "UBUNTU: SAUCE: selftests: net: fix "buffer overflow detected"
for tap.c"
- selftests: net: fix "buffer overflow detected" for tap.c
- genalloc.h: fix htmldocs warning
- firewire: nosy: Fix dma_free_coherent() size
- net: dsa: b53: skip multicast entries for fdb_dump()
- net: bridge: Describe @tunnel_hash member in net_bridge_vlan_group
struct
- RDMA/efa: Remove possible negative shift
- RDMA/core: Fix logic error in ib_get_gids_from_rdma_hdr()
- RDMA/bnxt_re: Fix incorrect BAR check in bnxt_qplib_map_creq_db()
- RDMA/bnxt_re: Fix IB_SEND_IP_CSUM handling in post_send
- RDMA/bnxt_re: Fix to use correct page size for PDE table
- RDMA/rtrs: Fix clt_path::max_pages_per_mr calculation
- RDMA/bnxt_re: fix dma_free_coherent() pointer
- blk-mq: don't schedule block kworker on isolated CPUs
- blk-mq: skip CPU offline notify on unmapped hctx
- selftests/ftrace: traceonoff_triggers: strip off names
- ntfs: Do not overwrite uptodate pages
- ASoC: stm32: sai: fix device leak on probe
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure
- ASoC: qcom: q6apm-dai: set flags to reflect correct operation of
appl_ptr
- ASoC: qcom: q6asm-dai: perform correct state check before closing
- ASoC: qcom: q6adm: the the copp device only during last instance
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment.
- iommu/amd: Fix pci_segment memleak in alloc_pci_segment()
- iommu/apple-dart: fix device leak on of_xlate()
- iommu/exynos: fix device leak on of_xlate()
- iommu/ipmmu-vmsa: fix device leak on of_xlate()
- iommu/mediatek-v1: fix device leak on probe_device()
- iommu/mediatek-v1: fix device leaks on probe()
- iommu/mediatek: fix device leak on of_xlate()
- iommu/omap: fix device leaks on probe_device()
- iommu/qcom: fix device leak on of_xlate()
- iommu/sun50i: fix device leak on of_xlate()
- iommu/tegra: fix device leak on probe_device()
- HID: logitech-dj: Remove duplicate error logging
- PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths
- SAUCE: Revert "arm64: dts: ti: k3-j721e-sk: Add DT nodes for power
regulators"
- arm64: dts: ti: k3-j721e-sk: Fix pinmux for pin Y1 used by power
regulator
- powerpc, mm: Fix mprotect on book3s 32-bit
- leds: leds-lp50xx: Allow LED 0 to be added to module bank
- leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs
- leds: leds-lp50xx: Enable chip before any communication
- mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup
- mfd: max77620: Fix potential IRQ chip conflict when probing two devices
- media: rc: st_rc: Fix reset control resource leak
- parisc: entry.S: fix space adjustment on interruption for 64-bit
userspace
- parisc: entry: set W bit for !compat tasks in syscall_restore_rfi()
- powerpc/pseries/cmm: call balloon_devinfo_init() also without
CONFIG_BALLOON_COMPACTION
- firmware: stratix10-svc: Add mutex in stratix10 memory management
- dm-ebs: Mark full buffer dirty even on partial write
- dm-bufio: align write boundary on physical block size
- fbdev: gbefb: fix to use physical address instead of dma address
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing
- fbdev: tcx.c fix mem_map to correct smem_start offset
- media: cec: Fix debugfs leak on bus_register() failure
- media: msp3400: Avoid possible out-of-bounds array accesses in
msp3400c_thread()
- media: renesas: rcar_drif: fix device node reference leak in
rcar_drif_bond_enabled
- media: samsung: exynos4-is: fix potential ABBA deadlock on init
- media: TDA1997x: Remove redundant cancel_delayed_work in probe
- media: verisilicon: Protect G2 HEVC decoder against invalid DPB index
- media: videobuf2: Fix device reference leak in vb2_dc_alloc error path
- media: vpif_capture: fix section mismatch
- media: vpif_display: fix section mismatch
- media: amphion: Cancel message work before releasing the VPU core
- media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe
- media: i2c: adv7842: Remove redundant cancel_delayed_work in probe
- media: mediatek: vcodec: Fix a reference leak in
mtk_vcodec_fw_vpu_init()
- LoongArch: Add new PCI ID for pci_fixup_vgadev()
- LoongArch: Correct the calculation logic of thread_count
- LoongArch: Fix build errors for CONFIG_RANDSTRUCT
- LoongArch: Use __pmd()/__pte() for swap entry conversions
- LoongArch: Use unsigned long for _end and _text
- compiler_types.h: add "auto" as a macro for "__auto_type"
- kasan: refactor pcpu kasan vmalloc unpoison
- idr: fix idr_alloc() returning an ID out of range
- tools/mm/page_owner_sort: fix timestamp comparison for stable sorting
- samples/ftrace: Adjust LoongArch register restore order in direct calls
- fjes: Add missing iounmap in fjes_hw_init()
- LoongArch: BPF: Zero-extend bpf_tail_call() index
- nfsd: Drop the client reference in client_states_open()
- net: usb: sr9700: fix incorrect command used to write single register
- net: macb: Relocate mog_init_rings() callback from macb_mac_link_up() to
macb_open()
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma
- drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg()
- drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse()
- drm/mgag200: Fix big-endian support
- drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in
prepare_fb
- blk-mq: add helper for checking if one CPU is mapped to specified hctx
- mptcp: Initialise rcv_mss before calling tcp_send_active_reset() in
mptcp_do_fastclose().
- ALSA: wavefront: Use standard print API
- ALSA: wavefront: Use guard() for spin locks
- ALSA: wavefront: Clear substream pointers on close
- ext4: fix string copying in parse_apply_sb_mount_options()
- jbd2: fix the inconsistency between checksum and data in memory for
journal sb
- btrfs: don't rewrite ret from inode_permission
- mm/ksm: fix exec/fork inheritance support for prctl
- usb: ohci-nxp: Use helper function devm_clk_get_enabled()
- usb: ohci-nxp: fix device leak on probe failure
- scsi: ufs: core: Add ufshcd_update_evt_hist() for UFS suspend error
- f2fs: use f2fs_err_ratelimited() to avoid redundant logs
- ARM: dts: microchip: sama7g5: fix uart fifo size to 32
- fuse: fix readahead reclaim deadlock
- PCI: brcmstb: Fix disabling L0s capability
- lockd: fix vfs_test_lock() calls
- mm: simplify folio_expected_ref_count()
- mm: consider non-anon swap cache folios in folio_expected_ref_count()
- pmdomain: imx: Fix reference count leak in imx_gpc_probe()
- net: phy: mediatek: fix nvmem cell reference leak in
mt798x_phy_calibration
- drm/amdgpu: Forward VMID reservation errors
- drm/mediatek: Fix probe memory leak
- drm/mediatek: Fix probe resource leaks
- drm/tilcdc: request and mapp iomem with devres
- tty: introduce and use tty_port_tty_vhangup() helper
- xhci: dbgtty: fix device unregister: fixup
- usb: xhci: move link chain bit quirk checks into one helper function.
- LoongArch: Refactor register restoration in ftrace_common_return
- f2fs: remove unused GC_FAILURE_PIN
- f2fs: keep POSIX_FADV_NOREUSE ranges
- f2fs: drop inode from the donation list when the last file is closed
- f2fs: fix to propagate error from f2fs_enable_checkpoint()
- f2fs: fix to detect recoverable inode during dryrun of
find_fsync_dnodes()
- media: verisilicon: Fix CPU stalls on G2 bus error
- mm/balloon_compaction: we cannot have isolated pages in the balloon list
- mm/balloon_compaction: convert balloon_page_delete() to
balloon_page_finalize()
- powerpc/pseries/cmm: adjust BALLOON_MIGRATE when migrating pages
- KVM: nVMX: Immediately refresh APICv controls as needed on nested VM-
Exit
- media: amphion: Add a frame flush mode for decoder
- media: amphion: Make some vpu_v4l2 functions static
- media: amphion: Remove vpu_vb_is_codecconfig
- mm/damon/tests/vaddr-kunit: handle alloc failures in
damon_test_split_evenly_fail()
- mm/damon/tests/vaddr-kunit: handle alloc failures on
damon_do_test_apply_three_regions()
- sched/fair: Small cleanup to sched_balance_newidle()
- sched/fair: Small cleanup to update_newidle_cost()
- sched/fair: Proportional newidle balance
- RDMA/rxe: Fix the failure of ibv_query_device() and
ibv_query_device_ex() tests
- mm/damon/tests/vaddr-kunit: handle alloc failures on
damon_test_split_evenly_succ()
- mm/damon/tests/core-kunit: handle alloc failres in
damon_test_new_filter()
- mm/damon/tests/core-kunit: handle allocation failures in
damon_test_regions()
- mm/damon/tests/core-kunit: handle memory failure from
damon_test_target()
- mm/damon/tests/core-kunit: handle alloc failures on
damon_test_split_regions_of()
- mm/damon/tests/core-kunit: handle alloc failures on
damos_test_filter_out()
- mm/damon/tests/core-kunit: handle alloc failures in
damon_test_set_regions()
- mm/damon/tests/core-kunit: handle alloc failures in
damon_test_ops_registration()
- mm/damon/tests/core-kunit: handle alloc failure on
damon_test_set_attrs()
- virtio_console: fix order of fields cols and rows
- pwm: stm32: Always program polarity
- tty: fix tty_port_tty_*hangup() kernel-doc
- firmware: arm_scmi: Fix unused notifier-block in unregister
- ext4: filesystems without casefold feature cannot be mounted with
siphash
- drm/amdkfd: Fix GPU mappings for APU after prefetch
- wifi: rtl8xxxu: Add USB ID 2001:3328 for D-Link AN3U rev. A1
- smack: fix bug: setting task label silently ignores input garbage
- wifi: ath10k: Avoid vdev delete timeout when firmware is already down
- wifi: ath10k: Add missing include of export.h
- wifi: ath10k: move recovery check logic into a new work
- wifi: ath11k: restore register window after global reset
- dt-bindings: clock: qcom,x1e80100-gcc: Add missing video resets
- dt-bindings: clock: qcom,x1e80100-gcc: Add missing USB4 clocks/resets
- clk: qcom: gcc-x1e80100: Add missing USB4 clocks/resets
- inet: Avoid ehash lookup race in inet_twsk_hashdance_schedule()
- block/mq-deadline: Introduce dd_start_request()
- block/mq-deadline: Switch back to a single dispatch list
- perf annotate: Check return value of evsel__get_arch() properly
- arm64: dts: exynos: gs101: fix sysreg_apm reg property
- clk: qcom: camcc-sm8550: Specify Titan GDSC power domain as a parent to
other
- soc: qcom: gsbi: fix double disable caused by devm
- wifi: ath11k: fix VHT MCS assignment
- arm64: dts: qcom: sm8650: set ufs as dma coherent
- perf: Remove get_perf_callchain() init_nr argument
- bpf: Refactor stack map trace depth calculation into helper function
- perf/x86/intel/cstate: Remove PC3 support from LunarLake
- drm/imagination: Fix reference to
devm_platform_get_and_ioremap_resource()
- power: supply: rt5033_charger: Fix device node reference leaks
- power: supply: max17040: Check iio_read_channel_processed() return code
- libbpf: Fix parsing of multi-split BTF
- locktorture: Fix memory leak in param_set_cpumask()
- crypto: iaa - Fix incorrect return value in save_iaa_wq()
- drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype
- leds: rgb: leds-qcom-lpg: Don't enable TRILED when configuring PWM
- RAS: Report all ARM processor CPER information to userspace
- vhost: Fix kthread worker cgroup failure handling
- vfio/pci: Use RCU for error/request triggers to avoid circular locking
- net: phy: aquantia: check for NVMEM deferral
- perf tools: Mark split kallsyms DSOs as loaded
- perf hist: In init, ensure mem_info is put on error paths
- sched/fair: Fix unfairness caused by stalled tg_load_avg_contrib when
the last task migrates out
- platform/x86:intel/pmc: Update Arrow Lake telemetry GUID
- nfs/vfs: discard d_exact_alias()
- NFS: Initialise verifiers for visible dentries in
_nfs4_open_and_get_state
- drm/plane: Fix IS_ERR() vs NULL check in
drm_plane_create_hotspot_properties()
- regulator: fixed: Rely on the core freeing the enable GPIO
- drm/nouveau: refactor deprecated strcpy
- drm/amdkfd: Use huge page size to check split svm range alignment
- block: return unsigned int from queue_dma_alignment
- fs/ntfs3: check for shutdown in fsync
- wifi: rtl8xxxu: Fix HT40 channel config for RTL8192CU, RTL8723AU
- wifi: cfg80211: use cfg80211_leave() in iftype change
- wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC
load
- gfs2: Fix "gfs2: Switch to wait_event in gfs2_quotad"
- Bluetooth: btusb: MT7922: Add VID/PID 0489/e170
- Bluetooth: btusb: MT7920: Add VID/PID 0489/e135
- Bluetooth: btusb: Add new VID/PID 0x0489/0xE12F for RTL8852BE-VT
- netfilter: nf_nat: remove bogus direction check
- iommufd/selftest: Add coverage for reporting max_pasid_log2 via
IOMMU_HW_INFO
- iommufd/selftest: Update hw_info coverage for an input data_type
- iommufd/selftest: Make it clearer to gcc that the access is not out of
bounds
- hwmon: (dell-smm) Limit fan multiplier to avoid overflow
- drm/xe: Restore engine registers before restarting schedulers after GT
reset
- mmc: sdhci-of-arasan: Increase CD stable timeout to 2 seconds
- scsi: ufs: host: mediatek: Fix shutdown/suspend race condition
- scsi: smartpqi: Add support for Hurray Data new controller PCI device
- exfat: zero out post-EOF page cache on file extension
- x86/mce: Do not clear bank's poll bit in mce_poll_banks on AMD SMCA
systems
- perf: arm_cspmu: fix error handling in arm_cspmu_impl_unregister()
- wifi: mt76: Fix DTS power-limits on little endian systems
- usb: gadget: lpc32xx_udc: fix clock imbalance in error path
- mei: gsc: add dependency on Xe driver
- serial: sh-sci: Check that the DMA cookie is valid
- powerpc: Add reloc_offset() to font bitmap pointer used for
bootx_printf()
- xfs: fix stupid compiler warning
- NFSD: Clear SECLABEL in the suppattr_exclcreat bitmap
- drm/amd/display: Fix scratch registers offsets for DCN35
- drm/displayid: pass iter to drm_find_displayid_extension()
- KVM: arm64: Initialize SCTLR_EL1 in __kvm_hyp_init_cpu()
- soc: apple: mailbox: fix device leak on lookup
- interconnect: qcom: sdx75: Drop QPIC interconnect and BCM nodes
- i40e: validate ring_len parameter against hardware-specific values
- idpf: reduce mbx_task schedule delay to 300us
- platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event
names
- net: dsa: fix missing put_device() in dsa_tree_find_first_conduit()
- vfio/pds: Fix memory leak in pds_vfio_dirty_enable()
- md: Fix static checker warning in analyze_sbs
- ASoC: codecs: lpass-tx-macro: fix SM6115 support
- iommu/amd: Propagate the error code returned by __modify_irte_ga() in
modify_irte_ga()
- mtd: mtdpart: ignore error -ENOENT from parsers on subpartitions
- mtd: spi-nor: winbond: Add support for W25Q01NWxxIQ chips
- mtd: spi-nor: winbond: Add support for W25Q01NWxxIM chips
- mtd: spi-nor: winbond: Add support for W25Q02NWxxIM chips
- mtd: spi-nor: winbond: Add support for W25H512NWxxAM chips
- mtd: spi-nor: winbond: Add support for W25H01NWxxAM chips
- mtd: spi-nor: winbond: Add support for W25H02NWxxAM chips
- perf/x86/amd/uncore: Fix the return value of amd_uncore_df_event_init()
on error
- mm/damon/tests/sysfs-kunit: handle alloc failures on
damon_sysfs_test_add_targets()
- mm/damon/tests/core-kunit: handle alloc failures on
damon_test_split_at()
- mm/damon/tests/core-kunit: handle memory alloc failure from
damon_test_aggregate()
- mm/damon/tests/core-kunit: handle alloc failures on
dasmon_test_merge_regions_of()
- mm/damon/tests/core-kunit: handle alloc failures on
damon_test_merge_two()
- mm/damon/tests/core-kunit: handle alloc failures in
damon_test_update_monitoring_result()
- kasan: unpoison vms[area] addresses with a common tag
- drm/amdgpu/gmc11: add amdgpu_vm_handle_fault() handling
- drm/edid: add DRM_EDID_IDENT_INIT() to initialize struct drm_edid_ident
- drm/mediatek: Fix probe device leaks
- drm/i915: Fix format string truncation warning
- drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table
- drm/xe: Adjust long-running workload timeslices to reasonable values
- drm/xe: Use usleep_range for accurate long-running workload timeslicing
- drm/xe: Drop preempt-fences when destroying imported dma-bufs.
- drm/imagination: Disallow exporting of PM/FW protected objects
- gfs2: fix freeze error handling
- sched/eevdf: Remove min_vruntime_copy
- sched/eevdf: Fix min_vruntime vs avg_vruntime
- serial: core: fix OF node leak
- serial: core: Restore sysfs fwnode information
- mptcp: pm: ignore unknown endpoint flags
- f2fs: clear SBI_POR_DOING before initing inmem curseg
- f2fs: add timeout in f2fs_enable_checkpoint()
- f2fs: dump more information for f2fs_{enable,disable}_checkpoint()
- gpiolib: acpi: Switch to use enum in acpi_gpio_in_ignore_list()
- gpiolib: acpi: Handle deferred list via new API
- gpiolib: acpi: Add acpi_gpio_need_run_edge_events_on_boot() getter
- gpiolib: acpi: Move quirks to a separate file
- gpiolib: acpi: Add a quirk for Acer Nitro V15
- gpiolib: acpi: Add quirk for ASUS ProArt PX13
- gpiolib: acpi: Add quirk for Dell Precision 7780
- serial: core: Fix serial device initialization
- media: i2c: imx219: Fix 1920x1080 mode to use 1:1 pixel aspect ratio
- wifi: mt76: mt7925: fix CLC command timeout when suspend/resume
- soundwire: stream: extend sdw_alloc_stream() to take 'type' parameter
- ASoC: qcom: sdw: fix memory leak for sdw_stream_runtime
- vfio/pci: Disable qword access to the PCI ROM bar
- iomap: allocate s_dio_done_wq for async reads as well
- mptcp: ensure context reset on disconnect()
- Upstream stable to v6.6.120, v6.12.62, v6.12.63, v6.12.64, v6.12.65
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2024-36347
- x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo
- x86/microcode/AMD: Select which microcode patch to load
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-40164
- usbnet: Fix using smp_processor_id() in preemptible code warnings
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-40325
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68206
- netfilter: nft_ct: add seqadj extension for natted connections
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71068
- svcrdma: bound check rq_pages index in inline path
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71135
- md/raid5: fix possible null-pointer dereferences in
raid5_store_group_thread_cnt()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-38234
- sched/rt: Fix race in push_rt_task
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68811
- svcrdma: use rc_pageoff for memcpy byte offset
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68810
- KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71109
- MIPS: ftrace: Fix memory corruption when kernel is located beyond 32
bits
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68770
- bnxt_en: Fix XDP_TX path
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71072
- shmem: fix recovery on rename failures
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68374
- md: fix rcu protection in md_wakeup_thread
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68378
- bpf: Fix stackmap overflow check in __bpf_get_stackid()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2024-57795
- RDMA/rxe: Remove the direct link to net_device
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-38022
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device"
problem
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71140
- media: mediatek: vcodec: Use spinlock for context list protection lock
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71105
- f2fs: use global inline_xattr_slab instead of per-sb slab cache
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68772
- f2fs: fix to avoid updating compression context during writeback
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-22111
- net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-22022
- usb: xhci: Apply the link chain quirk on NEC isoc endpoints
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71141
- drm/tilcdc: Fix removal actions in case of failed probe
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71127
- wifi: mac80211: Discard Beacon frames to non-broadcast address
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71088
- mptcp: fallback earlier on simult connection
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71065
- f2fs: fix to avoid potential deadlock
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68345
- ALSA: hda: cs35l41: Fix NULL pointer dereference in
cs35l41_hda_read_acpi()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68344
- ALSA: wavefront: Fix integer overflow in sample size validation
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71077
- tpm: Cap the number of PCR banks
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71130
- drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71138
- drm/msm/dpu: Add missing NULL pointer check for pingpong interface
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71083
- drm/ttm: Avoid NULL pointer deref for evicted BOs
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71079
- net: nfc: fix deadlock between nfc_unregister_device and
rfkill_fop_write
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71129
- LoongArch: BPF: Sign extend kfunc call arguments
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71093
- e1000: fix OOB in e1000_tbi_should_accept()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71084
- RDMA/cm: Fix leaking the multicast GID table reference
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71096
- RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71136
- media: adv7842: Avoid possible out-of-bounds array accesses in
adv7842_cp_log_status()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71143
- clk: samsung: exynos-clkout: Assign .num before accessing .hws
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71078
- powerpc/64s/slb: Fix SLB multihit issue during SLB preload
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71089
- iommu: disable SVA when CONFIG_X86 is set
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71081
- ASoC: stm32: sai: fix OF node leak on probe
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71153
- ksmbd: Fix memory leak in get_file_all_info()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71133
- RDMA/irdma: avoid invalid read in irdma_net_event
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71086
- net: rose: fix invalid array index in rose_kill_by_device()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71097
- ipv4: Fix reference count leak when using error routes with nexthop
objects
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71085
- ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71095
- net: stmmac: fix the crash issue for zero copy XDP_TX action
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71137
- octeontx2-pf: fix "UBSAN: shift-out-of-bounds error"
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71101
- platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package
parsing
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71094
- net: usb: asix: validate PHY address before use
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71132
- smc91x: fix broken irq-context in PREEMPT_RT
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71154
- net: usb: rtl8150: fix memory leak on usb_submit_urb() failure
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71091
- team: fix check for port enabled in
team_queue_override_port_prio_changed()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71098
- ip6_gre: make ip6gre_header() robust
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71082
- Bluetooth: btusb: revert use of devm_kzalloc in btusb
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71131
- crypto: seqiv - Do not use req->iv after crypto_aead_encrypt
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71087
- iavf: fix off-by-one issues in iavf_config_rss_reg()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71071
- iommu/mediatek: fix use-after-free on probe deferral
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71111
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71113
- crypto: af_alg - zero initialize memory allocated via sock_kmalloc
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71149
- io_uring/poll: correctly handle io_poll_add() return value on update
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68778
- btrfs: don't log conflicting inode if it's a dir moved in the current
transaction
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71119
- powerpc/kexec: Enable SMT before waking offline CPUs
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71120
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in
gss_read_proxy_verf
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71148
- net/handshake: restore destructor on submit failure
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68788
- fsnotify: do not generate ACCESS/MODIFY events on child for special
files
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71125
- tracing: Do not register unsupported perf events
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71104
- KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV
timer
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71116
- libceph: make decode_pool() more resilient against corrupted osdmaps
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71121
- parisc: Do not reprogram affinitiy on ASP chip
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71102
- scs: fix a wrong parameter in __scs_magic
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68804
- platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68771
- ocfs2: fix kernel BUG in ocfs2_find_victim_chain
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68808
- media: vidtv: initialize local pointers upon transfer of memory
ownership
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68769
- f2fs: fix return value of f2fs_recover_fsync_data()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71069
- f2fs: invalidate dentry cache on failed whiteout creation
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68796
- f2fs: fix to avoid updating zero-sized extent in extent cache
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71107
- f2fs: ensure node page reads complete before f2fs_put_super() finishes
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68782
- scsi: target: Reset t_task_cdb pointer in error case
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71075
- scsi: aic94xx: fix use-after-free in device removal path
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68818
- scsi: Revert "scsi: qla2xxx: Perform lockless command completion in
abort path"
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68797
- char: applicom: fix NULL pointer dereference in ac_ioctl
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68819
- media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71126
- mptcp: avoid deadlock on fallback while reinjecting
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68820
- ext4: xattr: fix null pointer deref in ext4_raw_inode()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68814
- io_uring: fix filename leak in __io_openat_prep()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71147
- KEYS: trusted: Fix a memory leak in tpm2_load_cmd
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71151
- cifs: Fix memory and information leak in smb3_reconfigure()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71108
- usb: typec: ucsi: Handle incorrect num_connectors capability
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71114
- via_wdt: fix critical boot hang due to unnamed resource allocation
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68783
- ALSA: usb-mixer: us16x08: validate meter packet indices
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68776
- net/hsr: fix NULL pointer dereference in prp_get_untagged_frame()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68773
- spi: fsl-cpm: Check length parity before switching to 16 bit mode
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68777
- Input: ti_am335x_tsc - fix off-by-one error in wire_order validation
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68806
- ksmbd: fix buffer validation by including null terminator size in EA
length
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71150
- ksmbd: Fix refcount leak when invalid session is found on session lookup
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68786
- ksmbd: skip lock-range check on equal size to avoid size==0 underflow
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68789
- hwmon: (ibmpex) fix use-after-free in high/low store
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71112
- net: hns3: add VLAN id validation before using
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71064
- net: hns3: using the num_tqps in the vf driver to apply for resources
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68775
- net/handshake: duplicate handshake cancellations leak socket
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68816
- net/mlx5: fw_tracer, Validate format string parameters
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68795
- ethtool: Avoid overflowing userspace buffer on stats query
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71122
- iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68815
- net/sched: ets: Remove drr class from the active list if it changes to
strict
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68799
- caif: fix integer underflow in cffrml_receive()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68813
- ipvs: fix ipv4 null-ptr-deref in route error path
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68785
- net: openvswitch: fix middle attribute validation in push_nsh() action
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68800
- mlxsw: spectrum_mr: Fix use-after-free when updating multicast route
stats
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68801
- mlxsw: spectrum_router: Fix neighbour use-after-free
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71066
- net/sched: ets: Always remove class from active list before deleting in
ets_qdisc_change
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68787
- netrom: Fix memory leak in nr_sendmsg()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68809
- ksmbd: vfs: fix race on m_flags in vfs_cache
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68817
- ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68767
- hfsplus: Verify inode mode when loading from disk
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68774
- hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71067
- ntfs: set dummy blocksize to read boot_block when mounting
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-71118
- ACPICA: Avoid walking the Namespace if start_node is NULL
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68780
- sched/deadline: only set free_cpus for online runqueues
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68798
- perf/x86/amd: Check event before enable to avoid GPF
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68794
- iomap: adjust read range correctly for non-block-aligned positions
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68346
- ALSA: dice: fix buffer overflow in detect_stream_formats()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68766
- irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68756
- block: Use RCU in blk_mq_[un]quiesce_tagset() instead of
set->tag_list_lock
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68753
- ALSA: firewire-motu: add bounds check in put_user loop for DSP events
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68347
- ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68764
- NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68349
- NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in
pnfs_mark_layout_stateid_invalid
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68325
- net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68354
- regulator: core: Protect regulator_supply_alias_list with
regulator_list_mutex
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68758
- backlight: led-bl: Add devlink to supplier LEDs
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68765
- mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68763
- crypto: starfive - Correctly handle return of sg_nents_for_len
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68740
- ima: Handle error code returned by ima_filter_rule_match()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68362
- wifi: rtl818x: rtl8187: Fix potential buffer underflow in
rtl8187_rx_cb()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68741
- scsi: qla2xxx: Fix improper freeing of purex item
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68742
- bpf: Fix invalid prog->stats access when update_effective_progs fails
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68759
- wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68363
- bpf: Check skb->transport_header is set in bpf_skb_check_mtu
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68744
- bpf: Free special fields when update [lru_,]percpu_hash maps
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68364
- ocfs2: relax BUG() to ocfs2_error() in __ocfs2_move_extent()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68366
- nbd: defer config unlock in nbd_genl_connect
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68367
- macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68755
- staging: most: remove broken i2c driver
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68371
- scsi: smartpqi: Fix device resources accessed after device removal
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68372
- nbd: defer config put in recv_work
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68746
- spi: tegra210-quad: Fix timeout handling
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68379
- RDMA/rxe: Fix null deref on srq->rq.queue after resize failure
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68380
- wifi: ath11k: fix peer HE MCS assignment
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68724
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68727
- ntfs3: Fix uninit buffer allocated by __getname()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68728
- ntfs3: fix uninit memory after failed mi_read in mi_format_new
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68757
- drm/vgem-fence: Fix potential deadlock on release
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68732
- gpu: host1x: Fix race in syncpt alloc/free
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68733
- smack: fix bug: unprivileged task can create labels
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68254
- staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68255
- staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68256
- staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68257
- comedi: check device's attached status in compat ioctls
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68258
- comedi: multiq3: sanitize config options in multiq3_attach()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68332
- comedi: c6xdigio: Fix invalid PNP driver unregistration
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68265
- nvme: fix admin request_queue lifetime
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68266
- bfs: Reconstruct file type when loading from disk
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68259
- KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68335
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68261
- ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68336
- locking/spinlock/debug: Fix data-race in do_raw_write_lock
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68263
- ksmbd: ipc: fix use-after-free in ipc_msg_send_request
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68264
- ext4: refresh inline data size before write operations
* Noble update: upstream stable patchset 2026-03-04 (LP: #2142789) //
CVE-2025-68337
- jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system
corrupted
* CVE-2026-23111
- netfilter: nf_tables: fix inverted genmask check in
nft_map_catchall_activate()
* CVE-2026-23209
- macvlan: fix error recovery in macvlan_common_newlink()
* CVE-2026-23074
- net/sched: Enforce that teql can only be used as root qdisc
* CVE-2026-23060
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN
spec
Date: 2026-03-27 11:23:10.726280+00:00
Changed-By: Edoardo Canepa <edoardo.canepa at canonical.com>
Signed-By: Andy Whitcroft <apw at canonical.com>
https://launchpad.net/ubuntu/+source/linux-hwe-6.8/6.8.0-110.110~22.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list